5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.6%
The specializedRendering function in Rocket.Chat server before 3.9.2 allows a cross-site scripting (XSS) vulnerability by way of the value parameter.
specializedRendering
value
docs.rocket.chat/guides/security/security-updates
hackerone.com/reports/899954
rocket.chat/xss-vulnerability-hotfix-available-for-all-affected-versions/